This invention generally relates to a system for protecting content. Specifically, the present invention pertains to utilizing a ticket, a watermark, and a time reference to indicate the copy protection status of content.
The ability to transmit digital information securely is increasingly important. Owners of content want to be able to provide the content to authorize users without having the content utilized by unauthorized users. However, one problem with digital content is that an exact copy can be made without any degradation in the quality of the copy. Therefore, the copying of digital content is very attractive to pirating operations or attackers.
There are several different levels of attackers. Each type of attacker has a different level of sophistication, motivation, and means (software and hardware) needed to defeat a copy protection method. There are four typical types of attackers, a casual attacker, a hacker, a small-scale pirate, and a commercial pirate.
A casual attacker is an ordinary consumer that is motivated to copy content for later use (time shifting) or for distribution to friends and relatives. The level sophistication of a casual attacker is low. The casual attacker will typically only use consumer equipment in an unmodified form. A more aggressive casual attack may be mounted if a relatively inexpensive modification to consumer equipment is available. This may take the form of a hardware device such as the equipment used to defeat the Macrovision system. Typically, a casual attacker will not open a product to access the internal connections.
A hacker is usually motivated to copy protected content just to see if it can be done. The content may then be distributed widely in avoidance or in spite of copy protection laws. An attacker of this type is often highly skilled and may go to great lengths to acquire content. The financial resources of such an attacker are limited but the time resources can be high. Once the content is acquired, the content may be distributed to friends and relatives. In addition, the Internet may also provide an anonymous method for distributing the illegally copied content.
Both small-scale and commercial pirates are interested in defeating copy-protected content in order to produce and sell illegal copies of the content. By avoiding payments to the rightful owner of the copy-protected content, the pirates may reap large profits. Typically, the pirate may take advantage of the difference in release windows in order access high value content and distribute it.
For instance, in the movie industry, release windows are utilized to maximize profit from content. The essence of these release windows is to first release the content to a premium service such as a pay-per-view service or a video on demand service. Thereafter, the content may be released on a lower price service such as a home-box-office service. At this time, the content may also be available to a consumer through a purchased storage medium such as a Digital Video Disc (DVD).
Pirates however, frustrate the use of these release windows by pirating the content that is available through the premium service and then releasing pirated versions of the content to the public. This may cause substantial financial losses to the rightful owners of the content. Accordingly, a successful copy protection scheme should at least frustrate a pirates attempt for a sufficient period of time till the legitimate owner of the content may reap their rightful profits.
As a class, pirates are assumed to have information not readily available to the consumer including a direct knowledge and understanding of the circuitry within a product. Additionally, the pirate is willing to open the cover of the device to gain access to internal connections. These connections can be easily accessible or may take some amount of specialized tooling to locate or tap. A pirate may have the ability to reverse engineer a product sufficiently to determine the location of clear digital signals. A pirate may also have detailed information about internal circuitry of consumer electronics devices that would allow for the tapping of clear digital signals before or after compression. The pirate typically has the understanding needed to use expensive custom hardware that is designed to break cryptographic keys. Finally, the pirate is assumed to have knowledge of the algorithms and protocols used within the copy protection system and some ability to attempt to defeat them. The systems used to defeat copy protection may include a PC, a group of PCs, or custom-built equipment assembled for the sole purpose of defeating copy protection.
Beyond some level of attacker, the expense of defeating the attacker exceeds a reasonable limit whereby the device must be priced beyond what consumer is willing to pay. Thus, a copy protection solution must be cost effective but secure against a large number of attackers.
A cost-effective method of copy protection is discussed in detail by Jean-Paul Linnartz et al., in Philips Electronics Response to Call for Proposals Issued by the Data Hiding Subgroup Copy Protection Technical Working Group, July 1997 (xe2x80x9cLinnartzxe2x80x9d), which is incorporated herein by reference. Within a digital transmission, such as an MPEG transport stream, additional data may be embedded within the transport stream to set the copy protection status of content contained within the digital transmission. For instance, the desired copy protection status may be xe2x80x9ccopy-oncexe2x80x9d, xe2x80x9cno-more-copyxe2x80x9d, xe2x80x9ccopy-neverxe2x80x9d, and xe2x80x9ccopy-freelyxe2x80x9d. Content that has a status of copy-once may be played and copied. During copying, the copy-once content is altered such that the content is in the no-more-copy state. Copy-never content is content that may only be played and may not be copied. Copy-freely content may be played and copied without restriction.
The additional data may take the form of a digital watermark. The watermark may be embedded directly into the content so that removal of the watermark will degrade the quality of the content. The watermark may be utilized as part of the copy protection scheme. As an example, the copy-freely state may be designated by the lack of a watermark within the content.
In operation, a transmission, such as a digital transmission, is sent from a source device and received by a receiving device. A source device is a device that is writing content onto a data bus, initiating a broadcast transmission, initiating a terrestrial transmission, etc. A sink device is a device that reads content from the data bus, etc.
FIG. 1 shows a typical system for the transmission of content. In FIG. 1, the source device is a broadcast initiator 101 that utilizes a transmitting antenna 102 to transmit content. The sink device is a broadcast receiver, such as a set-top-box (STB) 104 that utilizes a receiving antenna 103 for receiving the transmitted content. The STB 104 is shown connected to a display device 105, a player 106, and a player/recorder 107, through a bus 108. The term bus is utilized herein to refer to any system for connecting one device to another device. The bus may be a hard wired system such as a coaxial wire, an IEEE 1553 bus, etc., or the bus may be a wireless system such as an infra-red or broadcast system. Several of the devices shown in FIG. 1 may at one time act as a source device and at another time act as a sink device. The STB 104 may be a sink for the broadcast transmission and be a source for a transmission on the bus 108. The player/recorder 107 may be a source/sink of a transmission to/from, respectively, the bus 108.
In the copy protection scheme discussed by Linnartz, a watermark (W) is embedded within transmitted content. A ticket is transmitted along with the transmitted content. The embedded watermark and the ticket together are utilized to determine the copy protection status of the transmitted content. The watermark may be embedded into the content by at least two known methods. One method embeds the watermark (W) in the MPEG coding of the content. Another method embeds the watermark (W) in the pixel data of the content. The ticket (T) is cryptographically related to the watermark (W).
Performing one or more one-way functions on the ticket (T) derives the watermark (W). By use of the term one-way function, what is meant is that it is computationally unfeasible to compute the inverse of the function. An example of a publicly known cryptographic one-way function is a hashing function, such as secure hash algorithm one (SHAxe2x88x921) or RACE Integrity Primitives Evaluation Message Digest (RIPEMD). Computing an inverse means finding which particular x0 leads to a given y0 with y0=F(x0). The term unfeasible is intended to mean that the best method will take too long to be useful for a pirate. For instance, the time that is required for a pirate to compute the inverse of a hashing function is too long for the pirate to frustrate the intended release window for protected content. The most efficient method known to find such an x0 may be to exhaustively search all possible bit combinations of x0 and to compute and verify F(x0) for each attempt. In other cases, there may be a more efficient method than an exhaustive search to compute an inverse of a one-way function, yet these methods are still too time consuming to be feasible for the pirate.
The bit content of the ticket (T) is generated from a seed (U). The content owner provides the seed (U). From the seed (U) a physical mark (P) is created. The physical mark (P) may be embedded on a storage medium such as a Read-Only Memory (ROM) disk. Performing one or more one-way functions on the physical mark (P) produces the ticket (T). The number of functions performed on the physical mark (P) to create the ticket (T) depends on the copy protection intended for the content.
In accordance with the system, the ticket (T) changes state during every passage of a playback device (e.g., a source device) and a recording device (e.g., a. sink device). As discussed above, the state modifications are cryptographically irreversible and reduce the remaining copy and play rights of the content that are granted by the ticket (T). In this way, the ticket (T) indicates the number of sequential playback and recordings that may still be performed and acts as a cryptographic counter that can be decremented but not incremented.
It should be noted that the copy protection scheme only protects content on compliant systems. A compliant system is any system that obeys the copy protection rules described above and hereinafter. A non-compliant system may be able to play and copy material irrespective of the copy protection rules. However, a compliant system should refuse to play copies of content illegally made on a non-compliant system.
In accordance with the copy protection scheme, a physical mark (P) (e.g., data) is stored on a storage medium and is not accessible by other user equipment. The physical mark (P) data is generated at the time of manufacturing of the storage medium as described above and is attached to the storage medium in a way in which it is difficult to remove the physical mark (P) data without destroying the storage medium. The application of a one-way cryptographic function, such as a hashing function, to the physical mark (P) data four times results in a watermark.
A watermark by itself may indicate whether or not content stored on the storage medium is copy-once or copy-never. For instance, the absence of a watermark may indicate that the content may be copied freely. The presence of the watermark without a ticket on a storage medium may indicate copy-never content.
When the content is transmitted over a bus or other transmission medium, the physical mark (P) data is hashed twice to generate a ticket. When a compliant player receives the content, the ticket is hashed twice and matched to the watermark. In the case where the twice hashed ticket and the watermark match, the content is played. In this way, a party may not substitute a false ticket along with the content to frustrate the copy protection scheme. In the case were there is a ticket but no watermark in the content, a compliant system will refuse to play the content.
When a compliant recorder reads the content, the watermark is checked to see if the material is copy-freely, copy-once, or copy-never. When there is no watermark, the content is copy-freely and may be copied freely as discussed above. When the content contains a watermark but no ticket, the content is copy-never and a compliant recorder will refuse to copy the content however, a compliant player will play the content. When the content is copy-once, the content contains both a watermark and a ticket, the ticket is hashed twice and compared to the watermark. In the case where the watermark matches the twice hashed ticket, the content may be recorded along with a once-hashed ticket and the watermark, thereby creating copy-no-more content (e.g., content with a once-hashed ticket and a watermark).
It should be noted that in a broadcast system, such as a pay-per-view system, a copy-never state may be indicated by the presence of a once-hashed ticket and a watermark. Both copy-no-more stored content and copy-never broadcast content are treated by a compliant system similarly. The content containing the once-hashed ticket may be played but may not be recorded in a compliant system. In the event that a party tries to record the content with the once-hashed ticket, a compliant recorder will first twice-hash the once-hashed ticket and compare the result (e.g., a thrice-hashed ticket) with the watermark. Since the thrice-hashed ticket will not match the watermark, the compliant recorder will refuse to record the content.
A compliant player that receives the once-hashed ticket will hash the once-hashed ticket and compare the result (e.g., a twice-hashed ticket) to the watermark. Since the twice-hashed ticket matches the watermark, the compliant player will play the content.
However, a problem exists wherein a non-compliant recorder receives content containing a twice-hashed ticket and a watermark. In the event that a non-compliant recorder does not alter the ticket upon receipt or recording, the non-compliant recorder may make multiple copies of the ticket and the watermark which will play on a compliant player and which may be recorded on a compliant recorder. The same problem can exist where a non-compliant recorder receives content containing a thrice-hashed ticket and a watermark indicating copy-no-more content. In this case, the non-compliant recorder may make multiple copies of the thrice-hashed ticket and the watermark that will play on the compliant player.
In a case wherein the player receives the content directly from a read only medium, such as a Compact Disc ROM (CD-ROM), a physical mark can be embedded in the physical medium of the CD-ROM that is produced by an authorized manufacturer. The player may then check the physical mark to ensure that the content is being received from an authorized medium. In this way, if a pirate makes an unauthorized copy, the physical mark will not be present on the. unauthorized copy and a compliant player will refuse to play the content. However, in the case of broadcast data for instance, wherein a player does not read content directly from the read-only medium, this method of copy protection is unavailable.
Accordingly, it is an object of the present invention to overcome the disadvantages of the prior art. It is also an object of the present invention to provide a method of transmitting copy protected copy-never content that will prevent a pirate from making copies that will play on a compliant player.
These and other objects of the present invention are achieved by a copy protection system for protecting content wherein a ticket and a watermark are utilized to indicate the copy protection status of the content. In accordance with the present invention, the ticket and watermark are created utilizing a first time reference (TD) and a one-way function. The system utilizes a source device to produce the ticket and watermark. The watermark is then embedded into the content in such a way that the watermark can not be removed from the content without largely degrading the content. The ticket is then transmitted, along with the first time reference (TD), the embedded watermark, and the content, to a receiver device. Prior to playing, recording, etc, the receiver device verifies the ticket and watermark utilizing the first time reference, and thereby, determines the copy protection status of the content.
During authorized creation of a medium such as a CD_ROM containing content, a physical mark is placed on the CD-ROM that is not accessible by typical user equipment. The data for the physical mark may be calculated by processing (e.g., performing a hashing function) seed data. Seed data is determined utilizing randomly occurring phenomena such as natural physical phenomena (e.g., the number of gamma ray emissions from the sun in a determined period of time). The methods for determining suitable seed data are known by a person of ordinary skill in the art. The seed data is selected such that there is a negligibly small chance that a party would guess the seed data.
At the source device (e.g., a broadcasting device), in a preferred embodiment, a one-way function, such as a hashing function, is performed on the physical mark data to produce a ticket (T). The ticket (T) is combined with the first time reference (TD), utilizing for instance a concatenation function, to produce a result (T.TD). A hashing function is performed on the result (T.TD) to produce a ticket (Txe2x80x2). The ticket (Txe2x80x2) is combined with the first time reference to produce a result (Txe2x80x2.TD). The hashing function is performed on the result (Txe2x80x2.TD) to produce a ticket (Txe2x80x3). The ticket (Txe2x80x3) is combined with the first time reference (TD) to produce a result (Txe2x80x3.TD). The hashing function is performed on the result (Txe2x80x3.TD) to produce a ticket (Txe2x80x2xe2x80x3). The ticket (Txe2x80x3xe2x80x2) is combined with the first time reference (TD) to produce a result (Txe2x80x2xe2x80x3.TD). The hashing function is performed on the result (Txe2x80x2xe2x80x3.TD) to produce the watermark.
The ticket (Txe2x80x3) may be utilized to indicate that the content may be copied once (e.g., a copy protection status of copy-once). The ticket (Txe2x80x2xe2x80x3) may be utilized to indicate that the content may never be copied (e.g., a copy protection status of copy-never). The source device transmits to the receiver device a data stream containing the content with the watermark embedded therein, the first time reference (TD), and the ticket (Txe2x80x3), for instance if the copy protection status of the content is copy-once. Alternate tickets, such as the tickets discussed above, may be transmitted in the data stream to indicate an alternate copy protection status for the content.
It should be noted that although in the above-described embodiment, the time reference (TD) is concatenated with every hash, it would be sufficient in some circumstances that the time reference (TD) is only utilized in a single operation for deriving the ticket.
The receiver device receives the data stream, and if the first time reference (TD) is contained within a time window determined by a second time reference, the receiver device compares the ticket (Txe2x80x3) to the watermark using the first time reference (TD) and the hashing function. Specifically, at the receiver device, the ticket (Txe2x80x3) is combined with the first time reference, and the hashing function is performed on the result (Txe2x80x3.TD) to produce the ticket (Txe2x80x2xe2x80x3). The ticket (Txe2x80x2xe2x80x3) is combined with the first time reference, and the hashing function is performed on the result (Txe2x80x2xe2x80x3.TD) to produce a result (Txe2x80x3xe2x80x3) that should equal the watermark (W). In a case when the result (Txe2x80x3xe2x80x3) equals the watermark (W), the receiver device makes the content available for copying and/or playing. However, if the receiver device receives the data stream and the first time reference (TD) is not contained within the time window determined by the second time reference, then the receiver device will not make the content available for copying or playing. In addition, even when the first time reference (TD) is contained within the time window determined by the second time reference, if the result (Txe2x80x3xe2x80x3) is not equal to the watermark (W), then the receiver device will not make the content available for copying or playing.